For details on cookie usage on our site, read our Privacy Policy
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
GLOBAL PROTECT login failing intermittently with 2 factor authentication for security groups
- LIVEcommunity
- Collaboration
- Discussions
- GlobalProtect Discussions
- GLOBAL PROTECT login failing intermittently with 2 factor authentication for security groups
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
GLOBAL PROTECT login failing intermittently with 2 factor authentication for security groups
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-25-2021 11:48 AM
We are implementing 2 factor authentication and it is failing intermittently when using security groups in the authentication profile. When we use "all" in the LDAP tree, it works like a champ. When we go to a single group, it fails with "user not in allow list" but when checking the user database, the user-id is listed. If we use the same authentication group without 2 factor it works every time as well. The timeout for 2 factor has been increased from 60 to 120 seconds. We are also getting the message from our 2 factor auth vendor every time. Although we get prompted twice.
Has anyone else had this issue as it was been a week working with support without progress?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-30-2021 12:45 AM - edited 06-30-2021 12:49 AM
do you mean 2 factor as in pin/password and passcode or 2 factor as in password and certificate?
is your user database local or ldap?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-30-2021 05:42 AM
It is a LDAP database. We are testing a solution related to what the LDAP server is sending over. So far so good.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-30-2021 08:06 AM
so ldap is working?
- Total number of profiles (101) exceeds platform capacity (100) in General Topics
- Possiblility of getting locked out of web interface? in General Topics
- User-ID with 802.1x problems wired and wireless in General Topics
- cortex xdr agent connection problem in General Topics
- XQL - Hunt for Kerberos Relay Up Activity in Cortex XDR Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
